From 421aa92386a79a62a8f20eff9ce70e2ac927dfd8 Mon Sep 17 00:00:00 2001
From: Giuseppe Criscione <giuseppepeocriscione@gmail.com>
Date: Fri, 12 Oct 2018 13:16:17 +0200
Subject: [PATCH] Add `AccessLimiter` class

---
 admin/src/Security/AccessLimiter.php | 54 ++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 admin/src/Security/AccessLimiter.php

diff --git a/admin/src/Security/AccessLimiter.php b/admin/src/Security/AccessLimiter.php
new file mode 100644
index 00000000..72bfcb35
--- /dev/null
+++ b/admin/src/Security/AccessLimiter.php
@@ -0,0 +1,54 @@
+<?php
+
+namespace Formwork\Admin\Security;
+
+use Formwork\Admin\Utils\Registry;
+use Formwork\Utils\HTTPRequest;
+use Formwork\Utils\Uri;
+
+class AccessLimiter
+{
+    protected $registry;
+
+    protected $limit;
+
+    protected $resetTime;
+
+    protected $attemptHash;
+
+    protected $attempts;
+
+    protected $lastAttemptTime;
+
+    public function __construct(Registry $registry, $limit, $resetTime)
+    {
+        $this->registry = $registry;
+        $this->limit = $limit;
+        $this->resetTime = $resetTime;
+
+        // Hash visitor IP address followed by current host
+        $this->attemptHash = sha1(HTTPRequest::ip() . '@' . Uri::host());
+
+        $this->attempts = $registry->get($this->attemptHash)[0];
+        $this->lastAttemptTime = $registry->get($this->attemptHash)[1];
+    }
+
+    public function hasReachedLimit()
+    {
+        if (time() - $this->lastAttemptTime > $this->resetTime) {
+            $this->resetAttempts();
+        }
+        return $this->attempts > $this->limit;
+    }
+
+    public function registerAttempt()
+    {
+        $this->registry->set($this->attemptHash, array(++$this->attempts, time()));
+    }
+
+    public function resetAttempts()
+    {
+        $this->attempts = 0;
+        $this->registry->remove($this->attemptHash);
+    }
+}